Press Ganey

Senior Security Engineer

Press Ganey

full-time

Posted on:

Location Type: Remote

Location: Remote • 🇳🇴 Norway

Visit company website
AI Apply
Apply

Job Level

Senior

Tech Stack

AzureCloudDockerGoJavaJenkinsKubernetesMicroservicesPythonSDLC

About the role

  • Participate in vision, principles, and security strategy for projects or specific technologies, ensuring alignment with organizational goals.
  • Integrate and manage security tooling across the SDLC and CI/CD pipelines.
  • Safeguard the software development lifecycle by securing dependencies, container images, build processes, and third-party integrations.
  • Embed security into new CI/CD pipelines and maintain existing security testing in CI/CD pipelines.
  • Contribute hands-on to codebases where needed, providing guidance on secure coding practices and reviewing critical code paths.
  • Champion container security by ensuring secure image creation, scanning, and runtime protections across platforms like Docker and Kubernetes.
  • Drive adoption of secure coding practices, supported by threat modelling, code reviews, and developer training programs.
  • Drive security awareness and best practices across engineering teams by mentoring developers and empowering Security Champions.
  • Establish and track key metrics for AppSec maturity, risk reduction, and remediation SLAs.
  • Liaise with Legal to define and communicate security controls required for regulatory compliance and contractual obligations.

Requirements

  • 6+ years' experience in Application Development or similar technical role (Preferred)
  • Strong background in software development (experience with at least one major language such as Go, Java, Python, or C#).
  • Hands-on experience in building and troubleshooting CI/CD pipelines (Jenkins, Azure DevOps, GitLab CI, GitHub Actions, or similar).
  • Deep understanding of secure architecture patterns (microservices, APIs, authentication, authorization).
  • Experience with mTLS, PKI, and cryptographic protocols.
  • Hands-on experience with IaC security and secure automation.
  • Ability to effectively communicate complex security concepts to both technical and non-technical audiences.
  • Familiarity with modern infrastructure (Kubernetes, Docker, cloud-native environments).
  • Knowledge of modern DevSecOps practices and CI/CD security integration.
Benefits
  • 1-4 times per year travel required.
  • Flexible working hours.
  • Work-life balance supports.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
GoJavaPythonC#CI/CDJenkinsAzure DevOpsGitLab CIGitHub ActionsIaC security
Soft skills
communicationmentoringguidancesecurity awarenessempowerment